Initial commit with server startup infrastructure

Core infrastructure: - Uber fx dependency injection - Chi router with middleware stack - SQLite database with embedded migrations - Embedded templates and static assets - Structured logging with slog Features implemented: - Authentication (login, logout, session management, argon2id hashing) - App management (create, edit, delete, list) - Deployment pipeline (clone, build, deploy, health check) - Webhook processing for Gitea - Notifications (ntfy, Slack) - Environment variables, labels, volumes per app - SSH key generation for deploy keys Server startup: - Server.Run() starts HTTP server on configured port - Server.Shutdown() for graceful shutdown - SetupRoutes() wires all handlers with chi router
2025-12-29 15:46:03 +07:00
commit 3f9d83c436
59 changed files with 11707 additions and 0 deletions
--- a/internal/server/routes.go
+++ b/internal/server/routes.go
@@ -0,0 +1,88 @@
+package server
+
+import (
+	"net/http"
+	"time"
+
+	"github.com/go-chi/chi/v5"
+	chimw "github.com/go-chi/chi/v5/middleware"
+	"github.com/prometheus/client_golang/prometheus/promhttp"
+
+	"git.eeqj.de/sneak/upaas/static"
+)
+
+// requestTimeout is the maximum duration for handling a request.
+const requestTimeout = 60 * time.Second
+
+// SetupRoutes configures all HTTP routes.
+func (s *Server) SetupRoutes() {
+	s.router = chi.NewRouter()
+
+	// Global middleware
+	s.router.Use(chimw.Recoverer)
+	s.router.Use(chimw.RequestID)
+	s.router.Use(s.mw.Logging())
+	s.router.Use(s.mw.CORS())
+	s.router.Use(chimw.Timeout(requestTimeout))
+	s.router.Use(s.mw.SetupRequired())
+
+	// Health check (no auth required)
+	s.router.Get("/health", s.handlers.HandleHealthCheck())
+
+	// Static files
+	s.router.Handle("/static/*", http.StripPrefix(
+		"/static/",
+		http.FileServer(http.FS(static.Static)),
+	))
+
+	// Public routes
+	s.router.Get("/login", s.handlers.HandleLoginGET())
+	s.router.Post("/login", s.handlers.HandleLoginPOST())
+	s.router.Get("/setup", s.handlers.HandleSetupGET())
+	s.router.Post("/setup", s.handlers.HandleSetupPOST())
+
+	// Webhook endpoint (uses secret for auth, not session)
+	s.router.Post("/webhook/{secret}", s.handlers.HandleWebhook())
+
+	// Protected routes (require session auth)
+	s.router.Group(func(r chi.Router) {
+		r.Use(s.mw.SessionAuth())
+
+		// Dashboard
+		r.Get("/", s.handlers.HandleDashboard())
+
+		// Logout
+		r.Get("/logout", s.handlers.HandleLogout())
+
+		// App routes
+		r.Get("/apps/new", s.handlers.HandleAppNew())
+		r.Post("/apps", s.handlers.HandleAppCreate())
+		r.Get("/apps/{id}", s.handlers.HandleAppDetail())
+		r.Get("/apps/{id}/edit", s.handlers.HandleAppEdit())
+		r.Post("/apps/{id}", s.handlers.HandleAppUpdate())
+		r.Post("/apps/{id}/delete", s.handlers.HandleAppDelete())
+		r.Post("/apps/{id}/deploy", s.handlers.HandleAppDeploy())
+		r.Get("/apps/{id}/deployments", s.handlers.HandleAppDeployments())
+		r.Get("/apps/{id}/logs", s.handlers.HandleAppLogs())
+
+		// Environment variables
+		r.Post("/apps/{id}/env-vars", s.handlers.HandleEnvVarAdd())
+		r.Post("/apps/{id}/env-vars/{varID}/delete", s.handlers.HandleEnvVarDelete())
+
+		// Labels
+		r.Post("/apps/{id}/labels", s.handlers.HandleLabelAdd())
+		r.Post("/apps/{id}/labels/{labelID}/delete", s.handlers.HandleLabelDelete())
+
+		// Volumes
+		r.Post("/apps/{id}/volumes", s.handlers.HandleVolumeAdd())
+		r.Post("/apps/{id}/volumes/{volumeID}/delete", s.handlers.HandleVolumeDelete())
+	})
+
+	// Metrics endpoint (optional, with basic auth)
+	if s.params.Config.MetricsUsername != "" {
+		s.router.Group(func(r chi.Router) {
+			r.Use(s.mw.MetricsAuth())
+			r.Get("/metrics", promhttp.Handler().ServeHTTP)
+		})
+	}
+}